
SIEM Engineers Lead at Nebius
Tel Aviv, Israel | Full-time | Corporate and Cyber Security | Posted 15 days ago
About the Role
<div class="content-intro"><p><strong>About Nebius:</strong></p>
<p>Nebius is leading a new era in cloud infrastructure for the global AI economy. We are building a full-stack AI cloud platform that supports developers and enterprises from data and model training through to production deployment, without the cost and complexity of building large in-house AI/ML infrastructure.</p>
<p>Built by engineers, for engineers. From large-scale GPU orchestration to inference optimization, we own the hard problems across compute, storage, networking and applied AI.</p>
<p>Listed on Nasdaq (NBIS) and headquartered in Amsterdam, we have a global footprint with R&D hubs across Europe, the UK, North America and Israel. Our team of 1,500+ includes hundreds of engineers with deep expertise across hardware, software and AI R&D.</p></div><h3><strong><span data-ccp-props="{}">The role</span></strong></h3>
<p><span data-ccp-props="{}">Nebius is looking for a <strong>highly technical, hands-on SIEM Engineer Lead</strong> to design, implement, and optimize advanced Security Information and Event Management (SIEM) capabilities. This role is responsible for developing detection strategies, improving security visibility, and driving automation across security operations processes. The ideal candidate will combine deep SIEM expertise with strong analytical and engineering skills to enhance threat detection, incident response efficiency, and security monitoring maturity. This is not a people management position; you will provide <strong>technical guidance, mentorship, and direction</strong> to SOC analysts, security engineers, and cross-functional teams.</span></p>
<p><span data-ccp-props="{}">You’re welcome to work in our offices in Tel Aviv.</span></p>
<p><strong><span data-contrast="auto"><span data-ccp-charstyle="Strong">Your responsibilities will include:</span></span></strong></p>
<ul>
<li>Architect, deploy, and maintain enterprise SIEM platforms and related security monitoring infrastructure.</li>
<li>Develop and optimize detection rules, correlation logic, and alert mechanisms to identify security threats and anomalous activity.</li>
<li>Design and implement log ingestion pipelines, normalization, and enrichment processes across diverse data sources.</li>
<li>Continuously improve detection coverage by analyzing threat intelligence, attacker techniques, and emerging vulnerabilities.</li>
<li>Create and maintain dashboards, reports, and metrics to support security visibility and operational decision-making.</li>
<li>Drive automation of security monitoring and response workflows using scripting, APIs, and orchestration tools.</li>
<li>Perform tuning and performance optimization of SIEM platforms to ensure scalability and reliability.</li>
<li>Conduct threat hunting activities and support complex security investigations using SIEM data.</li>
<li>Collaborate with engineering, infrastructure, and security stakeholders to integrate new log sources and telemetry.</li>
<li>Develop documentation, standards, and best practices for SIEM configuration, logging, and detection engineering.</li>
<li>Create APIs and interfaces that enable AI agents to query SIEM, pull evidence, and execute actions.</li>
</ul>
<p><strong><span data-contrast="auto"><span data-ccp-charstyle="Strong">We expect you to have:</span></span></strong></p>
<ul>
<li>5+ years of experience in cybersecurity with strong focus on SIEM engineering or security monitoring.</li>
<li>Hands-on experience with <strong>SIEM platforms</strong> such as Splunk, Microsoft Sentinel, QRadar, CrowdStrike, Elastic, or similar.</li>
<li>Strong knowledge of <strong>log analysis, event correlation, and detection engineering</strong>.</li>
<li>Experience with <strong>data pipelines, log parsing, and schema design</strong>.</li>
<li>Experience with <strong>SOAR platforms and security automation</strong>.</li>
<li>Experience with <strong>scripting or programming (e.g., Python, PowerShell, Bash)</strong> for automation and integrations.</li>
<li>Solid understanding of <strong>network protocols, operating systems, cloud environments, and common attack techniques</strong>.</li>
<li>Familiarity with frameworks such as <strong>MITRE ATT&CK, NIST, or CIS for detection mapping and security controls</strong>.</li>
<li>Experience integrating <strong>threat intelligence and security tools with SIEM platforms</strong>.</li>
<li>Knowledge of <strong>cloud logging and monitoring (AWS, Azure, GCP).</strong></li>
<li>Strong knowledge of <strong>Kubernetes architecture and security concepts</strong>.</li>
<li>Experience with <strong>Terraform, CI/CD pipelines, and detection-as-code workflows</strong>.</li>
</ul>
<p><strong><span data-contrast="auto"><span data-ccp-charstyle="Strong">It will be an added bonus if you have:</span></span></strong></p>
<ul>
<li>Experience building and deploying <strong>LLM-based AI agents</strong>.</li>
<li>Experience in transitioning from <strong>manual SOC to AI-augmented operations</strong>.</li>
<li>Relevant <strong>security certifications</strong>.</li>
<li><strong>Certification in cloud computing</strong>, including administration, development, engineering, or architecture.</li>
<li><strong>Knowledge of AI safety and reliability</strong>: guardrails, validation, human oversight mechanisms.</li>
</ul><div class="content-conclusion"><p><strong>Benefits & Perks:</strong></p>
<ul>
<li>Competitive compensation</li>
<li>Career growth and learning opportunities</li>
<li>Flexibility and work-life balance</li>
<li>Collaborative and innovative culture</li>
<li>Opportunity to work on impactful AI projects</li>
<li>International environment and talented teams</li>
</ul>
<p><strong>What's it like to work at Nebius:</strong></p>
<p>Fast moving - Bold thinking - Constant growth - Meaningful impact - Trust and real ownership - Opportunity to shape the future of AI </p>
<p><strong>Equal Opportunity Statement:</strong></p>
<p>Nebius is an equal opportunity employer. We are committed to fostering an inclusive and diverse workplace and to providing equal employment opportunities in all aspects of employment. We do not discriminate on the basis of race, color, religion, sex (including pregnancy), national origin, ancestry, age, disability, genetic information, marital status, veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by applicable law.</p>
<p>Applicants must be authorized to work in the country in which they apply and will be required to provide proof of employment eligibility as a condition of hire. </p>
<p>If you need accommodations during the application process, please let us know.</p></div>